What is a Security Engineer?
Security Engineers help companies build and maintain secure systems so the business can remain protected from threats. Security Engineers may also bridge the gap between IT professionals and software engineering, and may need to have a background in both these areas to be effective in their roles.
What is the typical background of a Security Engineer?
Security Engineers typically have a background in software engineering. Many may also have a degree in computer science or something similar, like Cybersecurity, Information Security or Network Engineering.
What are some of the typical responsibilities of a Security Engineer?
- Evaluating new vendors or processes: A Security Engineer may be responsible for evaluating new vendors that provide risk, privacy or compliance services to the company, which all help ensure a high level of security. These tools may change often, so a Security Engineer may need to spend time researching the latest partners in order to stay informed.
- Assessing risks to customers: As companies launch and scale their products (particularly for SaaS companies), Security Engineers may need to provide guidance on how to safeguard their customer data from malicious attacks. Security Engineers will need to identify what the potential risk is to their customers if certain information is leaked or hacked. For example, if a Security Engineer is working with health care companies, or they work with health care clients, they may need to understand HIPPA laws or other compliance questions as they relate to sensitive patient information.
- Developing response strategies: In the event of a hack or an attack (which every Security Engineer tries to avoid, but these can still sometimes happen), Security Engineers may need to develop a response strategy. What’s the first line of defense? How are customers notified of a breach? What are the next steps in reviewing the incident? These questions, among others, are all questions a Security Engineer working with product, legal, compliance and communications teams will need to address in order to develop a response.
- Testing and re-testing: Security Engineers will likely need to apply vigorous testing and evaluate their own code as well as other teams’ code, to make sure their systems are protected.
What are some of the skills a successful Security Engineer should have?
- Experience with the cloud: many Security Engineers may need to have experience in cloud-based platforms, since many companies now work almost exclusively in these platforms
- Experience with a variety of platforms: UNIX /Linux environments, Windows, and different database technologies, may all be platforms that a security engineer should have experience in.
- Experience with mobile technologies: For products that are built on mobile (like apps), Security Engineers may need to develop code and response policies to maintain security on mobile devices too.
What are some of the typical job titles of a Security Engineer?
We’ve recruited for many different Security Engineer roles, including job titles like:
- Senior Security Engineer
- Security Lead Engineer
- Engineering Manager, Security